Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/xER0K9I9xK8DBLC6KDcI75JR9LY.roa
File: xER0K9I9xK8DBLC6KDcI75JR9LY.roa (raw, json)
Hash identifier: OqOr60qixfUKi1rv4+JZ/v9458y498eM0Dbfd2dxyz4=
Subject key identifier: C4:44:74:2B:D2:3D:C4:AF:03:04:B0:BA:28:37:08:EF:92:51:F4:B6
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 019427B40AD8F678E548A75E4464F1C73B79
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/xER0K9I9xK8DBLC6KDcI75JR9LY.roa
Signing time: Thu 02 Jan 2025 15:48:18 +0000
ROA not before: Thu 02 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 85.237.72.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:0a:d8:f6:78:e5:48:a7:5e:44:64:f1:c7:3b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jan 2 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c444742bd23dc4af0304b0ba283708ef9251f4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:f8:55:6f:f4:7e:8a:ea:6a:e5:e7:ff:33:
47:bc:a2:06:ac:3b:67:60:9f:77:3c:e9:d9:0a:b8:
30:36:e3:71:c8:c3:11:84:2f:ab:60:4a:31:e6:bc:
84:8d:a4:e7:8c:f3:32:26:5f:c4:6f:78:0c:59:6f:
7f:07:77:e3:50:06:a9:53:fd:5d:8d:2c:4b:09:82:
3c:6c:24:46:a3:37:e9:30:e1:2c:04:af:de:b9:06:
87:03:6d:0e:19:3a:43:e8:6d:08:db:dc:90:22:07:
8c:32:88:67:a2:03:68:cc:89:e0:93:40:65:57:35:
cd:95:df:df:ed:c6:6c:ec:5c:5e:a4:96:5a:a4:9c:
e9:83:c4:a1:12:34:63:07:75:c9:88:fa:96:46:e4:
00:40:7e:4d:90:d5:87:65:44:55:05:76:e7:6a:d0:
83:0b:64:b2:52:f1:d8:c5:a8:f5:b8:df:51:e2:f8:
08:4d:42:2f:46:85:60:61:05:34:98:0b:42:1a:aa:
7c:80:21:93:dd:54:23:09:c2:b0:8a:cb:40:3e:9c:
47:ce:53:7c:38:da:af:2f:16:2a:08:3a:39:f4:87:
02:2d:b6:ac:1a:08:01:98:e2:22:7c:68:a1:1d:2b:
e1:ec:d3:fe:0b:a8:11:da:41:57:38:27:d9:a1:cd:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:44:74:2B:D2:3D:C4:AF:03:04:B0:BA:28:37:08:EF:92:51:F4:B6
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/xER0K9I9xK8DBLC6KDcI75JR9LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/21
Signature Algorithm: sha256WithRSAEncryption
59:92:6f:27:d6:ed:df:0b:f2:b9:35:da:73:d7:63:17:4e:60:
4f:90:8f:f0:51:e0:7d:4b:92:13:4e:c1:81:d0:df:4c:55:85:
28:5e:2f:f6:41:02:19:42:cd:84:1e:87:9c:3d:ca:5a:10:d5:
ac:60:e0:80:b3:31:7e:de:f4:22:85:cd:fe:61:59:57:28:24:
b2:00:01:9b:64:9e:bb:8d:f0:bc:c5:34:da:bd:27:d4:21:52:
0e:f8:12:97:22:01:d6:66:a5:88:7f:b8:4e:4e:0c:15:f1:d6:
35:2e:68:40:27:ff:ef:40:9f:4a:e9:5a:ee:1f:8e:04:8e:a8:
23:dd:e6:27:6f:9d:46:90:2b:4e:89:bd:6b:e9:ba:35:ec:ba:
cd:76:2c:bb:e3:8b:b7:6c:2f:d0:f2:86:bb:6d:2e:32:ef:15:
97:cf:3f:0b:23:e0:4a:18:8a:4d:81:0e:24:4a:54:49:ca:55:
94:8b:41:44:20:4a:69:eb:9f:4f:59:1e:5c:c4:8b:a7:1e:0d:
7c:16:dc:b1:2f:ca:f8:89:73:41:95:ce:53:43:15:73:4c:8f:
2d:1d:1d:cd:5a:01:ee:6a:37:e3:6a:ab:fc:ea:89:b6:fc:8b:
b5:75:38:fa:7f:82:74:97:fa:ad:bb:34:0c:f5:46:8a:51:37:
d5:84:03:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntArY9njlSKdeRGTxxzt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjUwMTAyMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ0NzQyYmQyM2RjNGFmMDMwNGIwYmEyODM3MDhlZjkyNTFmNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTz4VW/0forqauXn/zNHvKIGrDtn
YJ93POnZCrgwNuNxyMMRhC+rYEox5ryEjaTnjPMyJl/Eb3gMWW9/B3fjUAapU/1d
jSxLCYI8bCRGozfpMOEsBK/euQaHA20OGTpD6G0I29yQIgeMMohnogNozIngk0Bl
VzXNld/f7cZs7FxepJZapJzpg8ShEjRjB3XJiPqWRuQAQH5NkNWHZURVBXbnatCD
C2SyUvHYxaj1uN9R4vgITUIvRoVgYQU0mAtCGqp8gCGT3VQjCcKwistAPpxHzlN8
ONqvLxYqCDo59IcCLbasGggBmOIifGihHSvh7NP+C6gR2kFXOCfZoc0qYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMREdCvSPcSvAwSwuig3CO+SUfS2MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEveEVSMEs5STl4SzhEQkxDNktEY0k3NUpSOUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVe1IMA0G
CSqGSIb3DQEBCwUAA4IBAQBZkm8n1u3fC/K5Ndpz12MXTmBPkI/wUeB9S5ITTsGB
0N9MVYUoXi/2QQIZQs2EHoecPcpaENWsYOCAszF+3vQihc3+YVlXKCSyAAGbZJ67
jfC8xTTavSfUIVIO+BKXIgHWZqWIf7hOTgwV8dY1LmhAJ//vQJ9K6VruH44Ejqgj
3eYnb51GkCtOib1r6bo17LrNdiy744u3bC/Q8oa7bS4y7xWXzz8LI+BKGIpNgQ4k
SlRJylWUi0FEIEpp659PWR5cxIunHg18FtyxL8r4iXNBlc5TQxVzTI8tHR3NWgHu
ajfjaqv86om2/Iu1dTj6f4J0l/qtuzQM9UaKUTfVhAOb
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:18 2025 by rpki-client